Bobcares
Client Area
Emergency Support
DigitalOcean | Latest | Server Management

Edit firewall for a DigitalOcean droplet like a pro

by | Nov 21, 2021

Edit firewall for a DigitalOcean droplet like a pro with help from Bobcares.

At Bobcares, we offer solutions to queries as a part of our Server Management Service.

Let’s take a look at this guide by our Support Techs to edit a firewall for a droplet.

How to edit firewall for a DigitalOcean droplet

DigitalOcean Cloud Firewalls can be described as a network-based, firewall service for Droplets. Furthermore, it comes at no additional cost. Additionally, Cloud firewalls also block traffic that is not permitted by a rule.

According to our Support Techs, inbound firewall rules define the traffic that is allowed on the server, from which sources, and on which ports. In case inbound rules are not configured, incoming traffic does not have permission.

Outbound rules are related to traffic permitted to leave the server, to which destinations as well as on which ports. In case outbound rules are not configured, outbound traffic is permitted.

In order to manage the firewall’s rules, we have to go to the Firewalls section in Networking. Once we click the name of the firewall, we will see Rules tab. This allows us to Create new rules and Edit or delete existing rules.

How to edit firewall for a DigitalOcean droplet: Create new rules

We can create new outbound and inbound rules by going to either Inbound Rules or Outbound Rules and opening the New rule.

According to our Support Engineers, we can define firewall rules only to restrict traffic to and from ports based on sources, connection types as well as destinations. Moreover, we cannot define rules to restrict traffic based on HTTP headers like User-Agent. Content-Type or X-Forwarded-For.

Furthermore, there are various common protocols that fill up the Port Range and Protocol fields automatically. For instance, if we select HTTP, the Port Name and Protocol will automatically be port 80 and TCP respectively as seen below:

Edit firewall for a DigitalOcean droplet: Inbound rules

In case any of the services are listening on a non-standard port, we can create a new custom rule to configure it.

How to edit firewall for a DigitalOcean droplet: Custom rules

In order to add a custom rule, we will select Custom. This allows us to define the port range, protocol as well as source or destination.

  • Protocol:
    We can choose either UDP or TCP. Since ICMP does not have port abstraction, we have to select it directly in the New rule to allow ICMP traffic.
  • Port Range:
    For UDP and TCP protocols, we will specify the following:

    • All ports: by leaving the field blank.
    • Range of ports: by entering the ending & starting ports separated by a dash. We can create a separate rule for each in order to open multiple non-sequential ports.
    • A single port
  • Sources:
    For inbound rules, sources allow us to restrict the source of incoming connections as seen below:

    • Resources or tags: by entering the name of the tag or resource. This includes VPCs, Droplets. Kubernetes clusters, load balancers, resource tags, and Ipv4/Ipv6 addresses.
    • IP addresses or IP ranges: by entering a CIDR or individual IP addresses.
    • Types of IP address: by choosing All IPv6 or All Ipv4 in the sources field. In fact, this allows all IP addresses of a certain type to connect to the Droplet.
  • Destinations: for outbound rules, it allows us to restrict outgoing connections’ destinations. We can also limit the sources or destinations to:
    • Load Balancers, DigitalOcean selected by name, IP address, or tag
    • Droplets, selected by name, IP address, or tag
    • DigitalOcean Kubernetes clusters, selected by name, or tag
    • Non-DigitalOcean servers by subnets, CIDR ranges, or IP addresses

How to edit firewall for a DigitalOcean droplet: Edit or Delete rules

We can edit or delete a rule via the More menu seen below:

Edit firewall for a DigitalOcean droplet: Edit or Delete rules

In other words, we can opt for Edit Rule or Delete Rule respectively. Furthermore, the rule gets deleted immediately without any additional prompt when we choose Delete Rule.

[Need assistance with another query? We are here to lend a hand.]

Conclusion

In brief, we learned how to configure firewall rules for a DigitalOcean droplet under the guidance of the skilled Support Engineers at Bobcares.

PREVENT YOUR SERVER FROM CRASHING!

Never again lose customers to poor server speed! Let us help you.

Our server experts will monitor & maintain your server 24/7 so that it remains lightning fast and secure.

GET STARTED

Related posts:

  1. View firewall for a DigitalOcean droplet like an expert
  2. DigitalOcean memory usage – Find top processes involved
  3. DigitalOcean create droplet with ssh key – How we achieve it?
  4. Access files on DigitalOcean Droplet with ease

0 Comments

Submit a Comment

Your email address will not be published. Required fields are marked *

server management

Spend time on your business, not on your servers.

TALK TO US

Or click here to learn more.

Bobcares

Use your time to build great apps. Leave your servers to us.

Managing a server is time consuming. Whether you are an expert or a newbie, that is time you could use to focus on your product or service. Leave your server management to us, and use that time to focus on the growth and success of your business.

TALK TO US Or click here to learn more.

Related Articles

  1. View firewall for a DigitalOcean droplet like an expert
  2. DigitalOcean memory usage – Find top processes involved
  3. DigitalOcean create droplet with ssh key – How we achieve it?
  4. Access files on DigitalOcean Droplet with ease

Never again lose customers to poor
server speed! Let us help you.

GET STARTED

Privacy Preference Center

Consent Management

When you visit any website, it may store or retrieve information on your browser, mostly in the form of cookies. This information might be about you, your preferences or your device and is mostly used to make the site work as you expect it to. The information does not usually directly identify you, but it can give you a more personalized web experience.

Because we respect your right to privacy, you can choose not to allow some types of cookies. Click on the different category headings to find out more and change our default settings. However, blocking some types of cookies may impact your experience of the site and the services we are able to offer.

Privacy Policy

Required
By using this site, you agree to our Privacy Policy.

Necessary

Necessary cookies help make a website usable by enabling basic functions like page navigation and access to secure areas of the website. The website cannot function properly without these cookies.

PHPSESSID - Preserves user session state across page requests.

gdpr[consent_types] - Used to store user consents.

gdpr[allowed_cookies] - Used to store user allowed cookies.

Cookies Used

Required
PHPSESSID, gdpr[consent_types], gdpr[allowed_cookies]

livechat.bobcares.com

Opt Out
PHPSESSID

my.bobcares.com

Opt Out
WHMCSpKDlPzh2chML

Statistics

Statistic cookies help website owners to understand how visitors interact with websites by collecting and reporting information anonymously.

_ga - Preserves user session state across page requests.

_gat - Used by Google Analytics to throttle request rate

_gid - Registers a unique ID that is used to generate statistical data on how you use the website.

smartlookCookie - Used to collect user device and location information of the site visitors to improve the websites User Experience.

Cookies Used

_ga, _gat, _gid

google.com

Opt Out
_ga, _gat, _gid

manager.smartlook.com

Opt Out
smartlookCookie

clarity.microsoft.com

Opt Out
_clck, _clsk, CLID, ANONCHK, MR, MUID, SM

Marketing

Marketing cookies are used to track visitors across websites. The intention is to display ads that are relevant and engaging for the individual user and thereby more valuable for publishers and third party advertisers.

IDE - Used by Google DoubleClick to register and report the website user's actions after viewing or clicking one of the advertiser's ads with the purpose of measuring the efficacy of an ad and to present targeted ads to the user.

test_cookie - Used to check if the user's browser supports cookies.

1P_JAR - Google cookie. These cookies are used to collect website statistics and track conversion rates.

NID - Registers a unique ID that identifies a returning user's device. The ID is used for serving ads that are most relevant to the user.

DV - Google ad personalisation

_reb2bgeo - The visitor's geographical location

_reb2bloaded - Whether or not the script loaded for the visitor

_reb2bref - The referring URL for the visit

_reb2bsessionID - The visitor's RB2B session ID

_reb2buid - The visitor's RB2B user ID

Cookies Used

IDE, test_cookie, 1P_JAR, NID, DV, NID

doubleclick.net

Opt Out
IDE, test_cookie

google.co.in

Opt Out
1P_JAR, NID, DV

google.com

Opt Out
NID

olark.com

Opt Out
hblid

rb2b.com

Opt Out
_reb2bgeo, _reb2bloaded, _reb2bref, _reb2bsessionID, _reb2buid

Security

These are essential site cookies, used by the google reCAPTCHA. These cookies use an unique identifier to verify if a visitor is human or a bot.

Cookies Used

SID, APISID, HSID, NID, PREF

google.com

Opt Out
SID, APISID, HSID, NID, PREF